<? // email

$email = pure_email( $_GET['email'] );

// incorrect email
if( !$email ) ajax_exit( 'error', 'email incorrect', array( 'email'=>$email ) );

// do we have this email for a user?
$query = "select usr_id from users where email='$email'";
$usr_id = db_get_col($query);
//-echo "usr_id = $usr_id<br/>";

// put into email table
$query = "insert into email_log( email, status, usr_id, rx_ts )
	values( '$email', 'new', ".(($_SESSION['usr_id'])?$_SESSION['usr_id']:'null').", current_timestamp )";
//-echo "insert: $query<br/>";
db_dml( $query );
// todo: error checking
$eml_id = mysql_insert_id();
// todo: error checking

$_SESSION['eml_id'] = $eml_id;

// send email
if( $usr_id ) {
	// send temporary login
	// log having been sent
	$query = "update email_log set status='reset-password', usr_id=$usr_id, tx_ts=current_timestamp where eml_id=$eml_id";
	//-echo "reset: $query<br/>";
	db_dml( $query );
}
else {
	// send login info
	// log having been sent
	$query = "update email_log set status='login-info', tx_ts=current_timestamp where eml_id=$eml_id";
	//-echo "info: $query<br/>";
	db_dml( $query );
}

ajax_exit( 'notify', "signin / login information sent to $email\nthe email voids itself in five minutes from now" );

?>
